July 06, 2022
Raccoon Stealer malware is back with a new version
The Raccoon Stealer gang has just launched version 2.0 of their info-stealing malware, and is actively selling it as a service. Criminals can use the new Raccoon Stealer for $275 per month or $125 per week.
June 29, 2022
Phishing campaign uses voicemail messages as lure
An ongoing wave of phishing emails is using missed voicemail messages as a lure. Multiple US companies in various sectors were targeted again last week. The attackers' goal is to steal Microsoft 365 credentials in order to access the companies' environments.
June 28, 2022
Prolific ransomware gang Conti retires their brand
Conti has been one of the most active ransomware gangs of late. After recent attention, the group announced that they will abandon the brand. Their infrastructure has not been updated since, and some of their leak sites are offline. Of course, this does not mean that they will fully disappear.
June 28, 2022
Windows Server updates break RRAS connections
The June 2022 cumulative updates for Windows Server have caused trouble for administrators of servers that have Routing and Remote Access Service (RRAS) enabled.
June 24, 2022
Two German energy providers hit by cyberattacks
The German energy provider Entega reported a cyberattack over the weekend, impacting its online services and the email accounts of its 2,000 employees. The critical infrastructure of the energy network was not compromised. Stadtwerke Mainz and a regional waste disposal company both reported issues as well.
June 22, 2022
Dozens of vulnerability fixes issued by Microsoft, Google
Microsoft's latest Patch Tuesday update covered 60 vulnerabilities, of which three were considered critical — meaning that they can be remotely exploited to gain full control of the machine. One of these three is the Follina vulnerability in the Microsoft Support Diagnostic Tool (MSDT), which has already been heavily exploited.
June 22, 2022
BlackCat gang lets potential victims check for their stolen data
The BlackCat extortion gang, also known as ALPHV, has taken the data leak site to a whole new level — providing a way for individuals to check if their personal information was included in batches of stolen data.
June 15, 2022
MSDT "Follina" vulnerability exploited in attacks against U.S., European governments
An unpatched remote code execution vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT), which is being tracked as CVE-2022-30192, is being exploited in phishing campaigns that are targeting U.S. and European government organizations.
June 14, 2022
Vice Society ransomware hits Italian city of Palermo
Palermo, a city of 1.3 million people and a popular tourist destination in Southern Italy, has become the latest victim of a Vice Society ransomware attack.
June 14, 2022
Black Basta ransomware gang teams up with Qbot
First appearing on the scene as a banking trojan in 2007, Qbot has since expanded to become a powerful botnet threat that frequently works with ransomware gangs. Now the group can count Black Basta as their latest partner.
June 09, 2022
Critical "Follina" vulnerability being actively exploited, enabling malicious Microsoft Word files
A new Windows vulnerability, tracked as CVE-2022-30190 and dubbed "Follina", allows attackers to create a Word document that will execute malicious code through the MSDT protocol when a user opens the file in Preview mode.
June 08, 2022
SideWinder APT launches 1,000 attacks over two years
In two years' time, the APT known as SideWinder has attacked as many as 1,000 victims. While the group behind SideWinder has focused on aviation, defense, IT, legal, and military targets in Central Asian countries, it appears to be expanding its geography.